# Postgres StatefulSet.
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: '{{ ansible_operator_meta.name }}-postgres-{{ supported_pg_version }}'
  namespace: '{{ ansible_operator_meta.namespace }}'
  labels:
    {{ lookup("template", "../common/templates/labels/additional_labels.yaml.j2") | indent(width=4) | trim }}
    app.kubernetes.io/name: 'postgres-{{ supported_pg_version }}'
    app.kubernetes.io/instance: 'postgres-{{ supported_pg_version }}-{{ ansible_operator_meta.name }}'
    app.kubernetes.io/component: 'database'
    app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}'
    app.kubernetes.io/managed-by: '{{ deployment_type }}-operator'
    app.kubernetes.io/operator-version: '{{ lookup("env", "OPERATOR_VERSION") }}'
    app.kubernetes.io/component: database
spec:
  selector:
    matchLabels:
      app.kubernetes.io/name: 'postgres-{{ supported_pg_version }}'
      app.kubernetes.io/instance: 'postgres-{{ supported_pg_version }}-{{ ansible_operator_meta.name }}'
      app.kubernetes.io/component: 'database'
      app.kubernetes.io/managed-by: '{{ deployment_type }}-operator'
  serviceName: '{{ ansible_operator_meta.name }}'
  replicas: 1
  updateStrategy:
    type: RollingUpdate
  template:
    metadata:
      labels:
        {{ lookup("template", "../common/templates/labels/additional_labels.yaml.j2") | indent(width=8) | trim }}
        app.kubernetes.io/name: 'postgres-{{ supported_pg_version }}'
        app.kubernetes.io/instance: 'postgres-{{ supported_pg_version }}-{{ ansible_operator_meta.name }}'
        app.kubernetes.io/component: 'database'
        app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}'
        app.kubernetes.io/managed-by: '{{ deployment_type }}-operator'
{% if postgres_annotations %}
        {{ postgres_annotations | indent(width=8) }}
{% endif %}
    spec:
{% if image_pull_secret is defined %}
      imagePullSecrets:
        - name: {{ image_pull_secret }}
{% elif image_pull_secrets | length > 0 %}
      imagePullSecrets:
{% for secret in image_pull_secrets %}
        - name: {{ secret }}
{% endfor %}
{% endif %}
{% if postgres_priority_class is defined %}
      priorityClassName: '{{ postgres_priority_class }}'
{% endif %}
{% if postgres_data_volume_init and not is_openshift %}
      initContainers:
        - name: init
          image: '{{ _postgres_image }}'
          imagePullPolicy: '{{ image_pull_policy }}'
          securityContext:
            runAsUser: 0
          command:
            - /bin/sh
            - -c
            - |
              {{ postgres_init_container_commands | indent(width=14) }}
          resources: {{ postgres_init_container_resource_requirements | default(postgres_resource_requirements) }}
          volumeMounts:
            - name: postgres-{{ supported_pg_version }}
              mountPath: '{{ _postgres_data_path | dirname }}'
              subPath: '{{ _postgres_data_path | dirname | basename }}'
{% if postgres_extra_volume_mounts %}
            {{ postgres_extra_volume_mounts | indent(width=12, first=True) }}
{% endif %}
{% endif %}
      containers:
        - image: '{{ _postgres_image }}'
          imagePullPolicy: '{{ image_pull_policy }}'
          name: postgres
{% if postgres_security_context_settings|length %}
          securityContext:
            {{ postgres_security_context_settings | to_nice_yaml | indent(12) }}
{% endif %}
{% if postgres_extra_args %}
          command: ["run-postgresql"]
          args: {{ postgres_extra_args }}
{% endif %}
          env:
            # For postgres_image based on rhel8/postgresql-{{ supported_pg_version }}
            - name: POSTGRESQL_DATABASE
              valueFrom:
                secretKeyRef:
                  name: '{{ __postgres_configuration_secret }}'
                  key: database
            - name: POSTGRESQL_USER
              valueFrom:
                secretKeyRef:
                  name: '{{ __postgres_configuration_secret }}'
                  key: username
            - name: POSTGRESQL_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: '{{ __postgres_configuration_secret }}'
                  key: password

            # For postgres_image based on postgres
            - name: POSTGRES_DB
              valueFrom:
                secretKeyRef:
                  name: '{{ __postgres_configuration_secret }}'
                  key: database
            - name: POSTGRES_USER
              valueFrom:
                secretKeyRef:
                  name: '{{ __postgres_configuration_secret }}'
                  key: username
            - name: POSTGRES_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: '{{ __postgres_configuration_secret }}'
                  key: password
            - name: PGDATA
              value: '{{ _postgres_data_path }}'
            - name: POSTGRES_INITDB_ARGS
              value: '{{ postgres_initdb_args }}'
            - name: POSTGRES_HOST_AUTH_METHOD
              value: '{{ postgres_host_auth_method }}'
{% if 'resources' in old_pg_config and old_pg_config['resources'] and 'password' in old_pg_config['resources'][0]['data'] %}
            - name: PGPASSWORD_OLD
              valueFrom:
                secretKeyRef:
                  name: '{{ old_pg_config['resources'][0]['metadata']['name'] }}'
                  key: password
{% endif %}
          ports:
            - containerPort: {{ awx_postgres_port | default('5432')}}
              name: postgres-{{ supported_pg_version }}
          volumeMounts:
            - name: postgres-{{ supported_pg_version }}
              mountPath: '{{ _postgres_data_path | dirname }}'
              subPath: '{{ _postgres_data_path | dirname | basename }}'
{% if postgres_extra_volume_mounts %}
            {{ postgres_extra_volume_mounts | indent(width=12, first=True) }}
{% endif %}
          resources: {{ postgres_resource_requirements }}
{% if postgres_selector %}
      nodeSelector:
        {{ postgres_selector | indent(width=8) }}
{% endif %}
{% if postgres_tolerations %}
      tolerations:
        {{ postgres_tolerations | indent(width=8) }}
{% endif %}
{% if postgres_extra_volumes %}
      volumes:
        {{ postgres_extra_volumes | indent(width=8, first=False) }}
{% endif %}
  volumeClaimTemplates:
    - metadata:
        name: postgres-{{ supported_pg_version }}
      spec:
        accessModes:
          - ReadWriteOnce
{% if postgres_storage_class is defined %}
        storageClassName: '{{ postgres_storage_class }}'
{% endif %}
        resources:
{% if postgres_storage_requirements.limits.storage | default("", true) %}
          limits:
            storage: {{ postgres_storage_requirements.limits.storage }}
{% endif %}
{% if postgres_storage_requirements.requests.storage | default("", true) %}
          requests:
            storage: {{ postgres_storage_requirements.requests.storage }}
{% endif %}

# Postgres Service.
---
apiVersion: v1
kind: Service
metadata:
  name: '{{ ansible_operator_meta.name }}-postgres-{{ supported_pg_version }}'
  namespace: '{{ ansible_operator_meta.namespace }}'
  labels:
    {{ lookup("template", "../common/templates/labels/additional_labels.yaml.j2") | indent(width=4) | trim }}
    app.kubernetes.io/name: 'postgres-{{ supported_pg_version }}'
    app.kubernetes.io/instance: 'postgres-{{ supported_pg_version }}-{{ ansible_operator_meta.name }}'
    app.kubernetes.io/component: 'database'
    app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}'
    app.kubernetes.io/managed-by: '{{ deployment_type }}-operator'
    app.kubernetes.io/operator-version: '{{ lookup("env", "OPERATOR_VERSION") }}'
    app.kubernetes.io/component: database
spec:
  ports:
    - port: 5432
  clusterIP: None
  selector:
    app.kubernetes.io/name: 'postgres-{{ supported_pg_version }}'
    app.kubernetes.io/instance: 'postgres-{{ supported_pg_version }}-{{ ansible_operator_meta.name }}'
    app.kubernetes.io/component: 'database'
    app.kubernetes.io/part-of: '{{ ansible_operator_meta.name }}'
    app.kubernetes.io/managed-by: '{{ deployment_type }}-operator'
